Report says SMS is the most widely used method of adding an extra layer of security
Almost 30% of businesses are now using multi-factor authentication to enable customers to access their online services, according to a report published by the LoginRadius Identity Platform, which manages authentication for thousands of websites and mobile apps. The report says that 63% of these businesses use SMS messaging for multi-factor authentication, while the remainder use an authenticator app, such as Google Authenticator or Microsoft Authenticator. A multi-step verification process provides an extra layer of security: users are typically sent an authentication code they must enter to access their account.
The research is based on actual data collected across 2018 by LoginRadius’ platform, which is hosted in 35 data centres worldwide and has a cumulative reach of more than 1.17 billion users from all industries, according to the company. The data shows that 39% of users resort to the ‘forgot my password’ tool. Of those users, 85% actually retrieve their passwords, while 15% never reset their password. LoginRadius says some companies are now adopting “passwordless login”, which requires the user to either clink on a link in an email or enter an one time passcode sent to the user’s phone.
The research found that, of the customers that use passwordless login, 94% prefer to log in with their email address, and 6% prefer to log in with their phone number. However, the report says the data used for the analysis was predominantly from North America and Western Europe. “If we were to look at data from developing countries we would see the results reversed as phone login options were made available much sooner than email,” the report notes. “In the next few years, we expect to see these results shift towards passwordless via phone as more users become aware of its availability. We should also see a move for more users to start using passwordless login overall.”
For more information, please see the LoginRadius report